Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/d9OXZ4SVLZxavm1QvvZBMikbvFU.roa
File: d9OXZ4SVLZxavm1QvvZBMikbvFU.roa (raw, json)
Hash identifier: 8D51dr9+Q7UKwbTLy2E4XUYWp/L2ED1KPB4CF/MYwoY=
Subject key identifier: 77:D3:97:67:84:95:2D:9C:5A:BE:6D:50:BE:F6:41:32:29:1B:BC:55
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 0194FE7AB767D12A96157F897D73E823963D
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/d9OXZ4SVLZxavm1QvvZBMikbvFU.roa
Signing time: Thu 13 Feb 2025 08:44:02 +0000
ROA not before: Thu 13 Feb 2025 08:44:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 31.210.35.0/24 maxlen: 24
188.132.188.0/24 maxlen: 24
188.132.189.0/24 maxlen: 24
188.132.190.0/24 maxlen: 24
188.132.191.0/24 maxlen: 24
212.68.59.0/24 maxlen: 24
212.68.60.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 14 Feb 2025 00:44:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:fe:7a:b7:67:d1:2a:96:15:7f:89:7d:73:e8:23:96:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Feb 13 08:44:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=77d3976784952d9c5abe6d50bef64132291bbc55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:4d:5c:5e:c3:1c:30:fa:b0:54:3c:b5:b6:01:
32:cf:91:08:d7:39:ea:49:c0:ea:b2:8c:fb:86:94:
e8:5f:e7:f7:cd:1b:60:71:d5:57:d4:83:72:65:65:
4f:89:c4:e2:ba:e4:b6:8f:26:bd:88:fd:1b:58:46:
ff:b3:23:be:e5:5d:dd:aa:d1:f4:88:87:32:6c:a1:
f8:22:2f:61:41:49:63:5d:0f:6d:77:85:e1:62:7a:
13:8a:f9:1c:14:07:46:84:c3:fb:72:81:ac:ed:13:
d1:5e:53:23:de:99:22:86:65:be:fd:52:7c:85:1f:
8b:b9:59:c7:1b:7d:be:aa:d8:13:96:0a:17:7a:c0:
7c:aa:24:c6:0e:0e:f3:51:4a:9d:ea:c4:18:d1:95:
ab:2f:71:4e:d3:45:36:0f:60:f8:23:66:e5:7a:d8:
df:44:7e:ef:4c:1e:8c:da:0f:1d:90:ff:08:6f:a6:
9a:bf:6a:de:62:13:88:a3:db:08:fd:84:88:2a:6f:
b0:ae:42:c5:ee:8d:2d:36:2b:f6:96:e0:96:d9:0a:
e8:22:9a:f7:cc:30:1b:7a:29:c7:15:ed:54:2d:5d:
64:af:bd:5c:d2:e6:78:00:db:ad:d7:63:8a:51:1b:
7d:64:05:ae:8e:ee:64:b4:7f:3e:5c:5d:e3:7c:72:
2c:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:D3:97:67:84:95:2D:9C:5A:BE:6D:50:BE:F6:41:32:29:1B:BC:55
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/d9OXZ4SVLZxavm1QvvZBMikbvFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.35.0/24
188.132.188.0/22
212.68.59.0-212.68.60.255
Signature Algorithm: sha256WithRSAEncryption
65:50:42:32:3e:5c:a1:4c:34:1b:dd:6c:3f:99:b7:df:5b:17:
db:88:aa:7d:ab:02:83:7b:fb:50:52:68:a7:3d:86:c8:51:7c:
1c:56:42:88:00:b9:82:c4:a6:0b:2f:9f:af:c5:40:82:fe:95:
8c:f3:18:eb:e1:cd:8c:4f:eb:25:a6:80:38:89:d8:a3:03:dc:
c7:26:b2:a6:d5:d6:c0:02:19:38:a0:23:d2:c6:d7:90:d5:16:
0a:a2:a9:06:ed:e4:aa:b8:24:27:ea:d0:62:dd:1c:85:a7:f5:
7e:46:95:7e:e6:f7:7d:0c:a4:ee:88:fb:e1:46:2b:71:bd:e1:
86:b9:06:10:08:7a:f2:da:49:bd:bb:0e:11:f6:a5:8b:ec:54:
f5:bb:c4:2a:e1:6e:d2:2b:31:ca:68:32:7f:eb:eb:01:45:67:
21:4f:a7:32:84:56:c8:e2:1f:96:9a:7a:31:86:6c:59:41:5a:
1c:7d:5a:79:fe:52:f5:79:ab:75:19:05:62:21:cd:c8:a4:a0:
a1:9c:cb:26:40:73:f5:6e:a3:4c:ef:ad:ce:e0:ae:97:a9:9f:
56:36:34:90:26:11:2d:4a:3e:f8:39:78:5d:0a:58:10:25:f3:
b5:81:5d:cb:9d:46:85:3f:3c:64:75:2c:56:3c:39:37:30:50:
48:72:f7:20
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZT+erdn0SqWFX+JfXPoI5Y9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjUwMjEzMDg0NDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2QzOTc2Nzg0OTUyZDljNWFiZTZkNTBiZWY2NDEzMjI5MWJiYzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6E1cXsMcMPqwVDy1tgEyz5EI1znq
ScDqsoz7hpToX+f3zRtgcdVX1INyZWVPicTiuuS2jya9iP0bWEb/syO+5V3dqtH0
iIcybKH4Ii9hQUljXQ9td4XhYnoTivkcFAdGhMP7coGs7RPRXlMj3pkihmW+/VJ8
hR+LuVnHG32+qtgTlgoXesB8qiTGDg7zUUqd6sQY0ZWrL3FO00U2D2D4I2bletjf
RH7vTB6M2g8dkP8Ib6aav2reYhOIo9sI/YSIKm+wrkLF7o0tNiv2luCW2QroIpr3
zDAbeinHFe1ULV1kr71c0uZ4ANut12OKURt9ZAWuju5ktH8+XF3jfHIsAwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFHfTl2eElS2cWr5tUL72QTIpG7xVMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvZDlPWFo0U1ZMWnhhdm0xUXZ2WkJNaWtidkZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAH9IjAwQC
vIS8MAwDBADURDsDBADURDwwDQYJKoZIhvcNAQELBQADggEBAGVQQjI+XKFMNBvd
bD+Zt99bF9uIqn2rAoN7+1BSaKc9hshRfBxWQogAuYLEpgsvn6/FQIL+lYzzGOvh
zYxP6yWmgDiJ2KMD3McmsqbV1sACGTigI9LG15DVFgqiqQbt5Kq4JCfq0GLdHIWn
9X5GlX7m930MpO6I++FGK3G94Ya5BhAIevLaSb27DhH2pYvsVPW7xCrhbtIrMcpo
Mn/r6wFFZyFPpzKEVsjiH5aaejGGbFlBWhx9Wnn+UvV5q3UZBWIhzcikoKGcyyZA
c/Vuo0zvrc7grpepn1Y2NJAmES1KPvg5eF0KWBAl87WBXcudRoU/PGR1LFY8OTcw
UEhy9yA=
-----END CERTIFICATE-----
Generated at Thu Apr 17 21:12:30 2025 by rpki-client